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Remarks 

The above Amendments and these Remarks are a supplemental reply to the Office Action 
mailed April 19, 2006, an Examiner Interview conducted on September 1 l s 2006, and Examiner's 
Interview Summary mailed on September 19, 2006. Applicant submits that the Examiner's 
Interview Summary is correct and complete as to the substance and outcome of the interview. 

Applicant acknowledges with thanks Examiner Picb *$ assistance in granting an interview on 
September 11 , 2006, daring the course of which interview various features of the claimed 
embodiments were discussed, the substance of which is fully included herein. 

Claims 1-41 were pending in the Application prior to the Office Action. In the Office Action, 
the Examiner rejected claims 1-41. The Supplemental Reply amends claims 1, 2, 18, and 19, and 
cancels claims 3, 14, 20, 31, and 41, leaving forthe Examiner's present consideration claims 1-2, 4- 
13, 15-19, 21-30, and 32-40, Reconsideration of the rejections is requested. 

L Summary of Examiner's Rejections 

Claims 1-41 were rejected under 35 U.S.C. §1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which Applicant regards as the 
invention. 

Claims M7and 40-41 were rejected under 3 5 U.S.C §101 as being directed to non-statutory 
subject matter. 

Claims 1-2, 5-19, and 22-41 were rejected under 35 USC 103(a) as being unpatentable over 
Wiederhold (U.S. 6,226,745) in view of Devine et al. (U.S. 6,606,708) and further in view ofBlewett 
(U.S. 5,551,040). 
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Claims 3-4 and 20-21 were rejected under 35 USC 103(a) as being unpatentable over 
Wiederhold in view of Devine et al. and Blewett and further in view ofjavaworld.com. 



n. Summary of Applicant's Amendment 

A Reply to the Office Action was filed on August 23, 2006. The present reply is a 
supplement to the reply filed on August 23, 2006, and is also in response to an examiner interview 
on September 1 1 , 2006. The present response amends Claims 1 , 2, 1 8, and 1 9 to more clearly define 
Application Container and Context Information within the embodiment of the invention. 
Reconsideration of the Application is respectfully requested. 

HI. Claim Reje ctions under 35 U.S.C. 103(aV 

Claim 1 has been amended to more clearly define Application Container and Context 

Information within the embodiment of the invention. As amended, Claim 1 defines: 

1 . (Currently Amended): A security system for allowing a client to access a protected resource through 
an application container, the security system comprising: 

an anplicadoncontainer. which provides services for a protected resource, wherein the application 
container delegates authorization decisions to the security service by passing an access request and a 
callback handler to the security service when the application container receives an access request for a 
protected resource from a client; 

context information, wherein the context information comprises one or more para meter values 
describing the access request and can be retrieved from the application container by the security service 
using the callback handler: 

an application int e rfac e me chamsm-for-geeei-ving an access request from a cheat to acc e ss said 
protected re s ource, and communicating tho acccsg - rcquc s t - tcHhc - application container , and the 
application container callfl the security sorvioo with the neccaa request and a callback handler; 

said security service for making a decision to permit or deny the access request, wherein the security 
service includes a plurality of security providers that may be plugged into the security service, and 
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wherein the plurality of security providers use the callback handler to request context information from 
the application container for the access request, and wherein depending on output from each security 
provider the security service determines entitlements for the client to use with the protected resource; 

said security service is located at a first computer, and said protected resource is located either at the 
same first co mputer or at a second computer; and 

a resource interface for communicating permitted access requests to said protected resource. 

Claim 1 claims a security system. When a client attempts to access a protected resource, the 
access request is received by the application container. The application container provides access to 
services for the resources it protects, one of those services being a security service. The 
authorization decision is delegated from the application container to the security service bypassing 
the access request along with a callback handler to the security service. If the security service needs 
more information from the application container to make a decision, the security service can use the 
callback handler to request context information from the Application container. Furthermore, the 
security service has a pluggable architecture for allowing security and business logic plug-ins to 
influence access decisions for protected resources which allows a plurality of security providers to 
request context information regarding access requests if necessary. 

Wiederhoid's security system involved a human security officer and was meant to modi^ a 
Relational Database Management System, not the Application Container of claim 1. Devine 
describes the use of web servers, but not the Application Container of claim 1. Blewett describes 
callbacks, but not callbacks to obtain context information. Applicant submits that neither application 
containers nor context information as described in claim 1 are disclosed in the references cited by the 
office action. 
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For the reasons stated above as well as the reasoning discussed in the August 23, 2006 reply 
and the September 11, 2006 Examiner Interview, Applicant respectfully submits that the 
embodiment as defined in Claim 1 ispatentable. Dependent chums 2, 4-13, 15-17, 40 depend from 
claim L For at least the reasons discussed above, with regards to claim 1, claims 2,4-13, 15-17,40 
are also patentable. It is also submitted that claims 2, 4-13, 15-17, 40 also add their own limitations 
which render them patentable in their own right Applicant reserves the right to argue these 
limitations should it become necessary in the future. Independent claim 1 8 and its dependent claims 
19-34 are believed to be patentable for reasons similar to those discussed above with regards to 
claims 1-17, 40-41. Independent claim 35 and its dependent claims 36-39 are believed to be 
patentable for reasons similar to those discussed above with regards to claims 1-17, 40-41. 

Conclusion 

In light of the above, it is respectfully submitted that all of the claims now pending in the 
subject patent application should be allowable, and a Notice of Allowance is requested. The 
Examiner is respectfully requested to telephone the undersigned if he can assist in any way in 
expediting issuance of a patent 

Enclosed is a PETITION FOR EXTENSION OF TIME UNDER 37 C.F.R- § 1-136 for 
extending the time to respond up to and including today, October 19, 2006, 
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The Commissioner is authorized to charge any underpayment or credit any overpayment 



to Deposit Account No. 06-1325 for any matter in connection with this response, including any 
fee for extension of time, which may be required. 



FLEESLER MEYER LLP 
Four Embarcadero Center, Fourth Floor 
San Francisco, California 941 11-4156 
Telephone: (415) 362-3800 
Customer No. 23910 



Respectfully submitted, 



Date: October 19, 2006 




Thomas R. Plunkett 
Reg. No. 57,253 
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